Lucene search
K

31 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/09 12:0 a.m.12 views

EulerOS 2.0 SP11 : golang (EulerOS-SA-2026-2207)

According to the versions of the golang packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : archive/zip uses a super-linear file name indexing algorithm that is invoked the first time a file in an archive is opened. This can lead to a...

10CVSS7.9AI score0.01945EPSS
Exploits2References8
Tenable Nessus
Tenable Nessus
added 2026/06/09 12:0 a.m.11 views

EulerOS 2.0 SP11 : golang (EulerOS-SA-2026-2245)

According to the versions of the golang packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : archive/zip uses a super-linear file name indexing algorithm that is invoked the first time a file in an archive is opened. This can lead to a...

10CVSS7.9AI score0.01945EPSS
Exploits2References8
Amazon
Amazon
added 2026/05/26 12:0 a.m.23 views

Important: golang-github-burntsushi-toml-test

Issue Overview: net/http: memory exhaustion in Request.ParseForm CVE-2025-61726 archive/zip: denial of service when parsing arbitrary ZIP archives CVE-2025-61728 Within HostnameError.Error, when constructing an error string, there is no limit to the number of hosts that will be printed out...

7.5CVSS7.1AI score0.01945EPSS
Exploits3
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/14 11:11 a.m.25 views

Security Bulletin: IBM Financial Transaction Manager is impacted by multiple vulnerabilities in RedHat Proxy for Kubernetes RBAC authorization

Summary IBM Financial Transaction Manager for RedHat OpenShift has addressed the following vulnerabilities. Vulnerability Details CVEID:CVE-2025-13465 DESCRIPTION: Lodash versions 4.0.0 through 4.17.22 are vulnerable to prototype pollution in the .unset and .omit functions. An attacker can pass...

8.6CVSS7AI score0.01945EPSS
Exploits3Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/05/04 12:0 a.m.6 views

RHCOS 4 / 9 : OpenShift Container Platform 4.16.z (RHSA-2024:8418)

The remote Red Hat Enterprise Linux CoreOS 4 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:8418 advisory. - github.com/jaraco/zipp: Denial of Service infinite loop via crafted zip file in jaraco/zipp CVE-2024-5569 - Podman: Buildah:...

9.8CVSS7AI score0.01952EPSS
Exploits0References9
OSV
OSV
added 2026/03/20 2:27 p.m.10 views

OESA-2026-1701 golang security update

The Go Programming Language. Security Fixes: The net/url package does not set a limit on the number of query parameters in a query. While the maximum size of query parameters in URLs is generally limited by the maximum request header size, the net/http.Request.ParseForm method can parse large...

10CVSS7.8AI score0.01945EPSS
Exploits2References7
OSV
OSV
added 2026/03/20 2:26 p.m.12 views

OESA-2026-1698 golang security update

The Go Programming Language. Security Fixes: The net/url package does not set a limit on the number of query parameters in a query. While the maximum size of query parameters in URLs is generally limited by the maximum request header size, the net/http.Request.ParseForm method can parse large...

10CVSS7.8AI score0.01945EPSS
Exploits2References7
OSV
OSV
added 2026/02/25 5:39 p.m.16 views

CLSA-2026-1772041183 grafana: Fix of 3 CVEs

rebuild with newer golang version 1.22.9-1.el92.tuxcare.els5 to fix the following CVE's - CVE-2025-61726: limit parsed URL query parameters to mitigate excessive memory consumption during form parsing - CVE-2025-61728: fix denial-of-service in archive/zip by replacing super-linear index...

7.5CVSS7.1AI score0.01945EPSS
Exploits3References1
Amazon
Amazon
added 2026/02/19 12:0 a.m.7 views

Medium: docker

Issue Overview: net/http: memory exhaustion in Request.ParseForm CVE-2025-61726 archive/zip: denial of service when parsing arbitrary ZIP archives CVE-2025-61728 crypto/tls: handshake messages may be processed at the incorrect encryption level CVE-2025-61730 crypto/tls: Config.Clone copies...

10CVSS6AI score0.01945EPSS
Exploits2
Amazon
Amazon
added 2026/02/19 12:0 a.m.11 views

Medium: amazon-ecr-credential-helper

Issue Overview: net/http: memory exhaustion in Request.ParseForm CVE-2025-61726 archive/zip: denial of service when parsing arbitrary ZIP archives CVE-2025-61728 crypto/tls: handshake messages may be processed at the incorrect encryption level CVE-2025-61730 crypto/tls: Config.Clone copies...

10CVSS5.7AI score0.01945EPSS
Exploits2
Amazon
Amazon
added 2026/02/19 12:0 a.m.12 views

Medium: containerd

Issue Overview: net/http: memory exhaustion in Request.ParseForm CVE-2025-61726 archive/zip: denial of service when parsing arbitrary ZIP archives CVE-2025-61728 crypto/tls: handshake messages may be processed at the incorrect encryption level CVE-2025-61730 crypto/tls: Config.Clone copies...

10CVSS5.7AI score0.01945EPSS
Exploits2
Amazon
Amazon
added 2026/02/19 12:0 a.m.16 views

Medium: containerd

Issue Overview: net/http: memory exhaustion in Request.ParseForm CVE-2025-61726 archive/zip: denial of service when parsing arbitrary ZIP archives CVE-2025-61728 crypto/tls: handshake messages may be processed at the incorrect encryption level CVE-2025-61730 crypto/tls: Config.Clone copies...

10CVSS6AI score0.01945EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2026/02/19 12:0 a.m.10 views

Amazon Linux 2023 : docker (ALAS2023-2026-1376)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1376 advisory. net/http: memory exhaustion in Request.ParseForm CVE-2025-61726 archive/zip: denial of service when parsing arbitrary ZIP archives CVE-2025-61728 crypto/tls: handshake messages may be processe...

10CVSS5.7AI score0.01945EPSS
Exploits2References10
Tenable Nessus
Tenable Nessus
added 2026/02/19 12:0 a.m.9 views

Amazon Linux 2 : oci-add-hooks, --advisory ALAS2ECS-2026-096 (ALASECS-2026-096)

The version of oci-add-hooks installed on the remote host is prior to 0-0.7.20200504git325a340. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2ECS-2026-096 advisory. net/http: memory exhaustion in Request.ParseForm CVE-2025-61726 archive/zip: denial of service wh...

10CVSS5.9AI score0.01945EPSS
Exploits2References10
Amazon
Amazon
added 2026/02/18 12:0 a.m.12 views

Medium: docker

Issue Overview: net/http: memory exhaustion in Request.ParseForm CVE-2025-61726 archive/zip: denial of service when parsing arbitrary ZIP archives CVE-2025-61728 crypto/tls: handshake messages may be processed at the incorrect encryption level CVE-2025-61730 crypto/tls: Config.Clone copies...

10CVSS8.3AI score0.01945EPSS
Exploits2
OSV
OSV
added 2026/02/11 5:56 p.m.8 views

MGASA-2026-0035 Updated golang packages fix security vulnerabilities

net/http: memory exhaustion in Request.ParseForm. CVE-2025-61726 archive/zip: denial of service when parsing arbitrary ZIP archives. CVE-2025-61728 crypto/tls: handshake messages may be processed at the incorrect encryption level. CVE-2025-61730 cmd/go: bypass of flag sanitization can lead to...

10CVSS6.3AI score0.01945EPSS
Exploits2References8
Mageia
Mageia
added 2026/02/11 5:56 p.m.16 views

Updated golang packages fix security vulnerabilities

net/http: memory exhaustion in Request.ParseForm. CVE-2025-61726 archive/zip: denial of service when parsing arbitrary ZIP archives. CVE-2025-61728 crypto/tls: handshake messages may be processed at the incorrect encryption level. CVE-2025-61730 cmd/go: bypass of flag sanitization can lead to...

10CVSS6.5AI score0.01945EPSS
Exploits2References7
Amazon
Amazon
added 2026/02/05 12:0 a.m.11 views

Important: golang

Issue Overview: net/http: memory exhaustion in Request.ParseForm CVE-2025-61726 archive/zip: denial of service when parsing arbitrary ZIP archives CVE-2025-61728 crypto/tls: handshake messages may be processed at the incorrect encryption level CVE-2025-61730 cmd/go: bypass of flag sanitization ca...

10CVSS6.3AI score0.01945EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2026/02/05 12:0 a.m.8 views

Amazon Linux 2 : cni-plugins, --advisory ALAS2-2026-3134 (ALAS-2026-3134)

The version of cni-plugins installed on the remote host is prior to 1.7.1-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3134 advisory. net/http: memory exhaustion in Request.ParseForm CVE-2025-61726 archive/zip: denial of service when parsing arbitrary...

10CVSS7.8AI score0.01945EPSS
Exploits2References10
Tenable Nessus
Tenable Nessus
added 2026/02/05 12:0 a.m.6 views

Amazon Linux 2023 : golist (ALAS2023-2026-1382)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1382 advisory. net/http: memory exhaustion in Request.ParseForm CVE-2025-61726 archive/zip: denial of service when parsing arbitrary ZIP archives CVE-2025-61728 crypto/tls: handshake messages may be processe...

10CVSS7.2AI score0.01945EPSS
Exploits2References10
Rows per page
Query Builder